cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges. This module exploits this vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name